What if, when you first sign up for API access, you only get access to your own data and content? You couldn't get access to any other users until you were approved. It seems like something that would incentivize developers to publish data and content, build their profiles out, which is good for the platform right? It will also protect other end-users from malicious activity by random developers who are just looking to wreak havoc in support of their own objectives and do not care about the platform (like we saw with Soundcloud).

A good example of how this could be applied is evident in the post yesterday by Kris Shaffer on Medium, who was looking to get his content out of the platform. I use the Medium API to syndicate blog posts to Medium (POSSE), but there is no read API allowing me to pull my content out. I agree with Kris that this is a problem. What if Medium opened up API access, allowing us platform users to get at our own content, but then required the approval of any app before there ever is access to other users content?

Some food for thought. I hear a lot of platforms say they don't do APIs because they don't want to end up with the same problems as Twitter. I think this is the result of some legacy views about public APIs that should just go away. Not all APIs are created equal, and I feel that APIs shouldn't always be just about applications and often times are just a lifeline for platform users, helping us end-users better manage their data and content. If my internal systems and other third-party systems are integrated together with APIs, the likelihood that I will grow dependent on the integration only increases.

IAM is now more than a security project. It’s an enabler for an integration agile enterprise. If you’re currently evaluating an identity solution or exploring IAM, join this webinar.